Re: Blocking Ip address ranges

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I can agree they're most likely probes rather than attacks (of course a
probe that finds a weekness becomes an attack..) can't the logging level
just be turned down?  Not quite as safe, but could get you to the
content you need to deal with quicker?  Perhaps split the logging into
two separate logs, emergency and warning levels?  Just abstract
thought...I have no idea how to accomplish either suggestion?


On Tue, 2005-01-25 at 11:32 -0600, Thomas Cameron wrote:
> On Tue, 2005-01-25 at 17:27 +0000, Robert Slade wrote:
> > Hiya,
> > 
> > I'm using FC2 and my Web Server keeps getting attacked by from a number
> > of sources (Korea, China, France) which is filling the logs up with
> > rubbish. I have been adding the IP addresses to IPtables, but it is a
> > bit of a pain to keep doing this as there are quite a few attacks from
> > different IPs. Is there an easy way of doing this? I'm thinking of
> > setting up a rule in Iptables to point to a file which I can easily add
> > the IP addresses that I need to block. Is this possible and what would
> > be the syntax?
> > 
> > Thanks
> > 
> > Rob    
> 
> I tried this years ago, and quickly found that I could never keep up.
> These "attacks" (usually more probes than outright attacks) come from
> all over the globe.
> 
> Me personally, I just live with the log entries.
> 
> Thomas
> 


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux